Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above.
You may have to register before you can post: click the register link above to proceed.
To start viewing messages, select the forum that you want to visit from the selection below.

The people responsible for a new Apple ID phishing scam have compromised 110 websites, says security firm Trend Micro. All of the sites are hosted on a specific IP address, 70.86.13.17, which is registered with an ISP based in Houston, Texas. "Almost all of these sites have not been cleaned," Trend Micro remarks.

The firm notes that the criminals behind the act are targeting not just Americans but also British and French Internet users. Some of the phishing attempts ask not only for an Apple ID, but also other personal information such as billing addresses and credit card numbers. Victims are told that the information is needed to restore access to Apple services, but in truth it's being stolen by unknown parties.

The culprits appear to be foreign, as a sample phishing email shows extremely poor grammar. Trend Micro points out that this and inconsistent domains in email addresses and web links should make it easy to spot phishing attempts. In some countries, Apple's two-step verification for account changes should prevent Apple IDs from being hijacked.

There is some evidence to support the rumor that phishing scams like this (as well as Nigerian 409 scams, etc.) intentionally include grammar mistakes and other spelling errors, specifically as a "front line" filter to weed out recipients that are unlikely to fall for it.

In other words, the scammers/phishers are intentionally using bad grammar so that their "success rate" of successful phishes/scams goes up. Smarter people will notice the spelling and grammar errors and chalk it up to spam, thereby not wasting the phishers'/scammers' time, while less educated, experienced recipients may not see those things as a red flag and go forward with handing over their information.

There is some evidence to support the rumor that phishing scams like this (as well as Nigerian 409 scams, etc.) intentionally include grammar mistakes and other spelling errors, specifically as a "front line" filter to weed out recipients that are unlikely to fall for it.

In other words, the scammers/phishers are intentionally using bad grammar so that their "success rate" of successful phishes/scams goes up. Smarter people will notice the spelling and grammar errors and chalk it up to spam, thereby not wasting the phishers'/scammers' time, while less educated, experienced recipients may not see those things as a red flag and go forward with handing over their information.

This makes no sense, as somebody clicking on a link and then NOT entering information is no more of a burden than somebody who doesn't click on the link in the first place.

All they're doing by not vetting for grammar and spelling is reducing the chances of getting somebody less ignorant. There is no advantage.